9 matches found
CVE-2025-10686
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...
WordPress Creta Testimonial Showcase plugin < 1.2.4 - Editor+ Local File Inclusion vulnerability
Editor+ Local File Inclusion vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Creta Testimonial Showcase versions 1.2.4...
CVE-2025-10686
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...
CVE-2025-10686 Creta Testimonial Showcase < 1.2.4 - Editor+ Local File Inclusion
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...
CVE-2025-10686
The CVE-2025-10686 has concrete details across multiple sources: Creta Testimonial Showcase WordPress plugin prior to v1.2.4 is vulnerable to Local File Inclusion. Authenticated users with editor-level access or higher can include and execute arbitrary PHP files on the server, enabling code execu...
EUVD-2025-186559
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...
CVE-2025-10686 Creta Testimonial Showcase < 1.2.4 - Editor+ Local File Inclusion
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...
WordPress plugin Creta Testimonial Showcase 安全漏洞
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting Vulnerability
Exploit Title: Stored XSS in posttitle parameter in WordPress Plugin "Testimonial Slider and Showcase" 2.2.6 Exploit Author: saitamang , yunaranyancat , amdsyad Vendor Homepage: wordpress Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version: 2.2.6 Tested on: Cento...